CVE-2025-25008: 
vulnerability analysis and mitigation

Improper link resolution before file access ('link following') in Microsoft Windows allows an authorized attacker to elevate privileges locally. This vulnerability was assigned CVE-2025-25008 and was disclosed on March 11, 2025. The vulnerability affects multiple versions of Microsoft Windows Server, including Server 2016, 2019, 2022, and 2025, in both full and core installations (NVD, CVE).

The vulnerability has been assigned a CVSS v3.1 base score of 7.1 (High), with the following vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H. The attack vector is Local, requiring low attack complexity and low privileges, with no user interaction needed. The scope is unchanged, with no impact on confidentiality but high impact on both integrity and availability. The vulnerability is classified as CWE-59: Improper Link Resolution Before File Access (NVD).

The vulnerability allows an authorized attacker to elevate privileges locally on affected Windows systems. This could potentially lead to complete system compromise through escalation of privileges, affecting both system integrity and availability (AttackerKB).

Microsoft has released security updates for all affected versions of Windows Server, including Server 2016 (10.0.14393.7876), Server 2019 (10.0.17763.7009), Server 2022 (10.0.20348.3328), and Server 2025 (10.0.26100.3476). It is recommended to apply these updates as soon as possible (NVD).